Asked by b2kris

Cisco ASA to CentOS 5 IPsec tunnel IP forwarding / sharing

I have a Windows server that I want to run a bunch of custom services on and share with several IPs via different Linux boxes from an outside vendor.

I'm trying to get the first setup complete so I can test, so I only need 1 case, but this solution will have to work with multiple outside Linux servers and the same Windows inside server.

So my Windows server has several IPs; I'm going to use 2 for this example.

Windows Server - and
There is an ASA 5505 with an inside IP of and the outside IP of 50.x.x.1

Then I have a CentOS 5 box with a single private IP of on eth0 and public IPs of 69.x.x.1 and 69.x.x.2 on eth1

iptables is installed but stopped. Openswan is installed and I have a tunnel up between the ASA and the CentOS box.

ipsec service status shows 1 tunnels up

That's as far as I got.

What I would like to do is make it so when a user comes to 69.x.x.1 it is forwarded to and 69.x.x.2 and it goes to
and vice versa when a connection is established on I want it to route out through 69.x.x.1 and to route out through 69.x.x.2

I don't want the outside world to know about the 50.x.x.1 network.

The question is: how can I configure this so that it is possible, keeping in mind that someday I'll want this to work and then go get another outside Linux box and have a new IP of 70.x.x.1 go to etc. etc.

Tags: Cisco, Linux, Linux Networking, Networking, VPN

Last Comment: 8/22/2022 - Mon

I forgot to mention that for each 1-to-1 mapping there will only be 1 port used. For example:

69.x.x.1 going to would be only tcp 80
69.x.x.2 going to would be only tcp 443
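
One way to express the 1-to-1, single-port mappings described in the question and the follow-up comment, as an added example that is not part of the original thread: a script that prints (does not apply) iptables NAT and filter rules for the CentOS box. All addresses are constructed placeholders. It assumes the iptables service is started, that the tunnel's protected networks cover the CentOS private IP and the Windows server IPs, and that the ASA sends the Windows server's outbound traffic into the tunnel.

```shell
#!/bin/sh
# Added example: prints (does not apply) iptables rules for 1-to-1 port mappings.
# Every address below is a constructed placeholder, not a value from the post.
GW_PRIV="10.1.1.10"   # CentOS private IP on eth0 (placeholder)
PUB_IF="eth1"         # interface holding the public IPs (as in the post)

# Constructed mappings, one per line: public_ip port inside_ip
MAPPINGS="198.51.100.1 80 10.2.2.11
198.51.100.2 443 10.2.2.12"

emit_preamble() {
    echo "sysctl -w net.ipv4.ip_forward=1"
    # Default-deny forwarding so only the mapped ports cross the gateway.
    echo "iptables -P FORWARD DROP"
    echo "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
}

# emit_mapping PUBLIC_IP PORT INSIDE_IP
emit_mapping() {
    pub=$1; port=$2; inside=$3
    # Inbound: rewrite the destination so the packet is routed into the tunnel.
    echo "iptables -t nat -A PREROUTING -i $PUB_IF -d $pub -p tcp --dport $port -j DNAT --to-destination $inside:$port"
    # Allow only the one mapped port towards this inside host.
    echo "iptables -A FORWARD -i $PUB_IF -d $inside -p tcp --dport $port -m state --state NEW -j ACCEPT"
    # Source-NAT so the packet matches the tunnel's protected networks
    # (assumption); the inside server then sees GW_PRIV, not the client IP.
    echo "iptables -t nat -A POSTROUTING -d $inside -p tcp --dport $port -j SNAT --to-source $GW_PRIV"
    # Outbound: connections started by the inside host leave as its public IP,
    # so the network behind the ASA is never exposed.
    echo "iptables -A FORWARD -s $inside -o $PUB_IF -m state --state NEW -j ACCEPT"
    echo "iptables -t nat -A POSTROUTING -o $PUB_IF -s $inside -j SNAT --to-source $pub"
}

emit_all() {
    emit_preamble
    echo "$MAPPINGS" | while read -r pub port inside; do
        emit_mapping "$pub" "$port" "$inside"
    done
}

emit_all
```

Adding another outside Linux box later means running the same script there with its own `GW_PRIV` and one `MAPPINGS` line per public IP.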
